Smart server has no built in authentication
Bug #126911 reported by
Robert Collins
This bug affects 4 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Bazaar |
Confirmed
|
Medium
|
Unassigned | ||
Breezy |
Triaged
|
Wishlist
|
Unassigned |
Bug Description
This has turned up in a few places, it would be good to be able to
manage authentication, and presumably access control within the smart
server.
This is kindof optional on http://, but really required on bzr://.
It would be nice to be able to do quick-hacks for sprints with something
like bzr server --username=foo --password=bar, to provide an on-demand
central server with no config.
affects /products/bzr
status triaged
importance high
--
GPG key available at: <http://
Changed in bzr: | |
importance: | High → Medium |
Changed in bzr: | |
status: | Triaged → Confirmed |
tags: | added: authentication hpss |
tags: | added: check-for-breezy |
Changed in brz: | |
status: | New → Triaged |
importance: | Undecided → Wishlist |
tags: | removed: check-for-breezy |
To post a comment you must log in.
<lifeless> womble: setup a service account //foo@host/ .../
<lifeless> womble: bzr+ssh:
<lifeless> womble: with restricted access to only run as that user. If this helps.
Looks like the perfect solution to me :)
bzr://
no authentication
bzr+http://
optional authentication
bzr+ssh://
Strong authentication either for each user or with a dedicated account registering the authorized keys.
We were to *not* manage authentication ourselves. I'll strongly prefer we continue :)
Lowering the importance as I think it's more a documentation problem. Feel free to disagree or bring the discussion to the list.